Preev.com compromised? Script injection ?

Bitcoin Forum

June 17, 2024, 09:29:54 PM

Welcome, Guest. Please login or register.

News: Voting for pizza day contest

Home

Help

Search

Login

Register

More

Bitcoin Forum > Economy > Marketplace > Service Discussion > Preev.com compromised? Script injection ?

Pages: [1]

« previous topic next topic »

Author

Topic: Preev.com compromised? Script injection ? (Read 579 times)

Kprawn (OP)

Legendary

Offline

Offline

Activity: 1904
Merit: 1074

Preev.com compromised? Script injection ?

December 23, 2015, 10:18:17 AM

#1

I get script injection problems with Preev.com .... Could someone verify if this site might be compromised with a bad script? I have no problems with other sites.

I have counter measures in place for script injection attacks, but the warning flags are being raised for Preev.com. Please double check this for me, and correct me if I am wrong.

The site could have been compromised without the owner knowing it. Huh

Huh

│

THE FIRST DECENTRALIZED & PLAYER-OWNED CASINO

│

^{.EARN BITCOIN: DIVIDENDS}

FOR-LIFETIME & MUCH MORE.

│

. BET WITH: BTC│ETH│EOS│LTC│BCH│WAX│XRP│BNB│
.JOIN US: GITLAB│TWITTER│TELEGRAM│

│

pedrog

Legendary

Offline

Offline

Activity: 2786
Merit: 1031

Re: Preev.com compromised? Script injection ?

December 23, 2015, 10:32:55 AM

#2

Virustotal.com doesn't detect anything.

Win Free Bitcoins every hour! - www.freebitco.in

rammy2k2

Legendary

Offline

Offline

Activity: 1974
Merit: 1003

Re: Preev.com compromised? Script injection ?

December 23, 2015, 11:29:48 AM

#3

all good here too

teddy5145

Hero Member

Offline

Offline

Activity: 714
Merit: 528

Re: Preev.com compromised? Script injection ?

December 23, 2015, 02:08:58 PM

#4

Fine on me too

Maybe it was false alarm ?
Or maybe it was coming you pc did you try to check your pc ?

butcherboss

Sr. Member

Offline

Offline

Activity: 338
Merit: 250

Re: Preev.com compromised? Script injection ?

December 23, 2015, 02:19:32 PM

#5

I dont think there is any problem. My pc does not show anything. Scan your pc for virus maybe it was your pc or maybe you ended up on a wrong site made just like preev.com

Kprawn (OP)

Legendary

Offline

Offline

Activity: 1904
Merit: 1074

Re: Preev.com compromised? Script injection ?

December 23, 2015, 10:20:17 PM

#6

I debugged the code and it seems to inject this script :

http://hidcptqmerifcusymaqddcomolsujibeptsmycmqsrwgrcmywshgnfpjhcc.com/filter.aspx?partner=910345&f=popup-u --> DO NOT CLICK ON THIS LINK <----

<script src="http://hidcptqmerifcusymaqddcomolsujibeptsmycmqsrwgrcmywshgnfpjhcc.com/filter.aspx?partner=910345&f=popup-u"></script>

There is definitely something strange going on... Huh

Huh

│

THE FIRST DECENTRALIZED & PLAYER-OWNED CASINO

│

^{.EARN BITCOIN: DIVIDENDS}

FOR-LIFETIME & MUCH MORE.

│

. BET WITH: BTC│ETH│EOS│LTC│BCH│WAX│XRP│BNB│
.JOIN US: GITLAB│TWITTER│TELEGRAM│

│

mexxer-2

Hero Member

Offline

Offline

Activity: 924
Merit: 1005

4 Mana 7/7

Re: Preev.com compromised? Script injection ?

December 23, 2015, 10:27:06 PM

#7

Quote from: Kprawn on December 23, 2015, 10:20:17 PM

http://hidcptqmerifcusymaqddcomolsujibeptsmycmqsrwgrcmywshgnfpjhcc.com/filter.aspx?partner=910345&f=popup-u --> DO NOT CLICK ON THIS LINK <---

I'm good at not following warnings so I opened the link, in a VPS though. And it seems to redirect to google adwords if you do not insert the showme.html part, and if you do, it redirects to a youtube video

Pollak

Full Member

Offline

Offline

Activity: 182
Merit: 100

Pollak

Re: Preev.com compromised? Script injection ?

December 23, 2015, 10:57:20 PM

#8

I use FF no script. The only scripts loading are
Google Analytics and some jquery.

On which location did you find the script?

█████    B I T M I X E R . I O    ██ ██    H I G H   V O L U M E   B I T C O I N   M I X E R    ██ ██    B I T M I X E R . I O    █████
█████    B I T M I X E R . I O    ██ ██    H I G H   V O L U M E   B I T C O I N   M I X E R    ██ ██    B I T M I X E R . I O    █████
█████    B I T M I X E R . I O    ██ ██    H I G H   V O L U M E   B I T C O I N   M I X E R    ██ ██    B I T M I X E R . I O    █████

Kprawn (OP)

Legendary

Offline

Offline

Activity: 1904
Merit: 1074

Re: Preev.com compromised? Script injection ?

December 24, 2015, 11:25:24 AM

#9

Quote from: Pollak on December 23, 2015, 10:57:20 PM

I use FF no script. The only scripts loading are
Google Analytics and some jquery.

On which location did you find the script?

It could be a secondary script, injecting it with every visit to the site. I am going to do a quick re-image to restore everything to it's default status, but I would like to determine

where the infection / hack is coming from. No need doing a whole re-image and you cannot identify the exploited site. It will just re-inject the script and continue as normal.

I have APP's in place to stop the payload, but it disables key features on some of the sites and cancel it's functionality. Angry

Angry

... I guess it's back to VM.

│

THE FIRST DECENTRALIZED & PLAYER-OWNED CASINO

│

^{.EARN BITCOIN: DIVIDENDS}

FOR-LIFETIME & MUCH MORE.

│

. BET WITH: BTC│ETH│EOS│LTC│BCH│WAX│XRP│BNB│
.JOIN US: GITLAB│TWITTER│TELEGRAM│

│

Pages: [1]

Bitcoin Forum > Economy > Marketplace > Service Discussion > Preev.com compromised? Script injection ?

« previous topic next topic »

Jump to:

Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines